Detection Engineer - Machine Learning (remote, East/central)

CrowdStrike CrowdStrike · Enterprise · United States · Remote

CrowdStrike is seeking a Detection Engineer - Machine Learning to analyze malware and customer detection tickets to improve the efficacy of their AI-native cybersecurity platform. This role involves investigating detections, analyzing binary files, and providing feedback to Data Science on machine learning model improvements and false positive management.

What you'd actually do

  1. Analyze detection data including customer reports to determine which aspects of the machine learning models can be improved
  2. Perform tasks to enable better-management of false positive detections
  3. Analyze binary files to determine their legitimacy
  4. Review current product detections to ensure they are performing to the company standard
  5. Address internal questions and concerns regarding customer threat detections

Skills

Required

  • Exposure and understanding of different types and functionality of malware
  • Experience with reverse engineering malware, or malware operations
  • Knowledge of programming and scripting languages, in particular Python
  • Fundamental understanding of attributes of binary files such as imports/exports and packers
  • Ability to demonstrate practical knowledge of research/collection skills and analytical methods
  • General understanding of threat/risk management and threat/risk assessment
  • Familiarity with various operating systems
  • Ability to break down complex problems into workable components
  • Proven experience utilizing AI technologies to enhance decision-making, streamline workflows and processes, improve efficiency and drive business outcomes.

Nice to have

  • Experience in a security operations center or similar environment responding to incidents
  • A thorough understanding of Windows OS internals and the Windows API
  • Knowledge of MacOS and/or Linux
  • Familiarity with tools used in targeted and criminal cyber-intrusions
  • A background in exploit and vulnerability analysis
  • Knowledge of a variety of programming languages including C, C++, Java, and assembly
  • Experience with threat detections by machine learning

What the JD emphasized

  • experience with detections of potentially malicious behavior by machine learning models is a plus
  • Proven experience utilizing AI technologies to enhance decision-making, streamline workflows and processes, improve efficiency and drive business outcomes.

Other signals

  • analyzing malware and detections
  • improving detection capability and efficiency
  • analyzing customer detection tickets
  • improving machine learning models
  • managing false positive detections